Generate new DKIM key appears to be not working

SYSTEM INFORMATION
OS type and version Rocky Linux 9.5
Usermin version 2.102
Virtualmin version 7.30.4
Theme version 21.20.7
Apache version 2.4.62

When I go to DNS DKIM record and select ‘generate new key’ and then click on save the new key appears to be identical - is this a bug? Anything I can do to troubleshoot?

Let’s await confirmation of the bug that you have reported.

In the meantime, you could force Virtualmin to generate a new key simply by deleting the old one. See:

You sure? I tested on a dev machine and it works fine. Look at every character, it can look similar.

Copy the key into a text file, then regenerate the key, put that new key in a text file and then compare the text in the 2 files to see if they are different.

Winmerge should do this.

I can’t find that setting in 7.50.2 GPL. Where are you finding it?

It might be a bug that it was even there?

Tried that (it only lets you delete the private key) but when you click save and go back to it the same key re-appears.

Yep, ran a diff and there are no changes.

They are the same, no diff.

Virtualmin > DNS Settings > DKIM Record

Is there a reason you haven’t updated your Virtualmin? Even if it is a bug I don’t know that it will get fixed in that version.

That is an old version, good catch

It must be a bug in your system or version.
Working fine on 7.50.2

There was a bug reported a couple of years ago, update and see if that fixes the issue

I’ve updated to:

SYSTEM INFORMATION
OS type and version Rocky Linux 9.5
Usermin version 2.510
Virtualmin version 7.50.2 GPL
Theme version 26.20
Apache version 2.4.62

But doing this still does not change anything:

Virtualmin > DNS Settings > DKIM Record > Generate new key > save

Do I need to select Force generation of new private key? in Email Settings > DomainKeys IM as well?

I thought that’s what you were trying.
Ok, found where you’re trying (this is why I like screenshots)

I will test later

Thanks Stefan - I actually had no idea Email Settings > DomainKeys IM existed until it was mentioned in this thread. I haven’t tried Force generation of new private key? because I wonder why that option is there - why would forcing be required? Almost seems like it is an ‘only do this if you absolutely need to’ kind of situation, possibly with some kind of drawback, hence I thought I’d check here first.

I’d ‘guess’ that since a lot of setups use only one key for the server changing one domain could be, well, interesting from a management perspective.

Yeah that’s true, not sure why there is an option there for the domain.

Shouldn’t DKIM keys be per domain though?

From Google:

DKIM keys are fundamentally domain-specific, not server-specific, meaning each sending domain needs its own keys

It does on WHM/Cpanel, on VM I’ve only grabbed the setting from global dkim.
I noticed that’s changed in the latest version so not sure now.

I’ve tried Email Settings > DomainKeys IM > Force generation of new private key > Yes but I am still getting the same keys on the domain I am checking. The output from this is also a bit odd:

  Finding virtual servers to enable DKIM for ..
  .. found 7 servers and 1 extra domains
  Generating private key in file /etc/opendkim/keys/default.private ..
  .. done
  Extracting public key from private key in /etc/opendkim/keys/default.private ..
  .. done
  Setting domain and selector in DKIM filter configuration ..
  .. done
  Adding DKIM records to DNS domain domain1.com ..
  .. records already exist
  Adding DKIM records to DNS domain domain2.com ..
  .. records already exist
  Adding DKIM records to DNS domain domain3.com ..
  .. added successfully
  Adding DKIM records to DNS domain domain4.com ..
  .. records already exist
  Adding DKIM records to DNS domain domain5.com ..
  .. records already exist
  Adding DKIM records to DNS domain domain6.com ..
  .. records already exist
  Adding DKIM records to DNS domain domain7.com ..
  .. added successfully
...

The domain I checked was domain2.

Is this a bug or am I doing something wrong : /
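
An added example, not part of the thread and not Virtualmin's own code: a plain text diff cannot compare the DNS record with the key file on disk, because zone files split the TXT data into quoted chunks and PEM wraps at 64 characters, so this sketch normalises both and compares fingerprints. It assumes the record's p= value is the same base64 as the PEM body printed by `openssl rsa -in <private key> -pubout`; all function names are hypothetical and the key bytes are constructed stand-ins.

```python
import base64
import hashlib
import re

def p_from_txt(rdata: str) -> str:
    """Extract the base64 p= value from a DKIM TXT record in zone-file form."""
    # Long TXT data is split into several quoted strings; join them first.
    chunks = re.findall(r'"((?:[^"\\]|\\.)*)"', rdata)
    joined = "".join(chunks) if chunks else rdata
    joined = re.sub(r"\\(.)", r"\1", joined)  # undo zone-file escapes such as \;
    for part in joined.split(";"):
        name, sep, value = part.partition("=")
        if sep and name.strip() == "p":
            return re.sub(r"\s+", "", value)
    raise ValueError("no p= tag found")

def p_from_pem(pem: str) -> str:
    """Return the base64 body of a PEM public key, header and footer removed."""
    lines = (line.strip() for line in pem.splitlines())
    return "".join(l for l in lines if l and not l.startswith("-----"))

def fingerprint(b64: str) -> str:
    """Short SHA-256 fingerprint of the decoded key bytes."""
    return hashlib.sha256(base64.b64decode(b64, validate=True)).hexdigest()[:16]

def published_matches_disk(rdata: str, pem: str) -> bool:
    """True when the DNS record publishes the same key as the PEM text."""
    return fingerprint(p_from_txt(rdata)) == fingerprint(p_from_pem(pem))

# Constructed stand-ins for key material (arbitrary bytes, not real keys).
OLD_B64 = base64.b64encode(bytes(range(200))).decode()
NEW_B64 = base64.b64encode(bytes(range(1, 201))).decode()

def as_pem(b64: str) -> str:
    """Wrap base64 the way openssl prints a public key."""
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"-----BEGIN PUBLIC KEY-----\n{body}\n-----END PUBLIC KEY-----\n"

def as_txt(b64: str) -> str:
    """Split a record into quoted chunks the way a zone file stores it."""
    rec = "v=DKIM1; k=rsa; p=" + b64
    return "( " + " ".join(f'"{rec[i:i + 100]}"' for i in range(0, len(rec), 100)) + " )"

if __name__ == "__main__":
    # Case: DNS still publishes the old key while the key on disk is new.
    print("published:", fingerprint(p_from_txt(as_txt(OLD_B64))))
    print("on disk:  ", fingerprint(p_from_pem(as_pem(NEW_B64))))
    print("match:    ", published_matches_disk(as_txt(OLD_B64), as_pem(NEW_B64)))
```

A mismatch means the signing key on disk changed but the published record did not; identical fingerprints before and after a regeneration mean the key itself was never replaced.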